Neighbor Discovery for IPV6 Switching Systems

ABSTRACT

A distributed neighbor discovery module is disclosed where all neighbor discovery operations and functionalities may be distributed to a switch device processor. Each neighbor discovery process on a switch device may run as an individual neighbor discovery router node. There may be no coordination between neighbor discovery processes occurring on different switch devices. All other traffic, including both IPv6 control traffic and data traffic destined to the router may be processed by the central controller processor.

CROSS-REFERENCE TO RELATED APPLICATION

This application is a divisional of co-pending U.S. patent applicationSer. No. 14/264,101, filed Apr. 29, 2014, which is projected to issue onJan. 1, 2019 as U.S. Pat. No. 10,171,547, which is a divisional of U.S.patent application Ser. No. 13/270,904, filed Oct. 11, 2011, now U.S.Pat. No. 8,713,169, issued Apr. 29, 2014, both of which are entirelyincorporated herein by reference.

BACKGROUND

Neighbor discovery protocol is used by IPv6 protocol for routerdiscovery, address resolution, duplicated address detection,unreachability detection, and other features. On a switching modulecapable of supporting a large number of virtual machines and/or hosts,as the number of hosts/virtual machines grows, the amount of neighbordiscovery messages exchanged between hosts and a central controllerprocessor may be overwhelming. This can potentially overload the centralcontroller processor and increase the possibility of failures.

As such, there exists a need for an IPv6 neighbor discovery distributionmodule that can distribute the neighbor discovery traffic to the variousswitching devices. This may allow for an increase in scalability andstability for switching modules capable of supporting a large number ofvirtual machines and/or hosts.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings, which are incorporated in and constitute apart of this disclosure, illustrate various embodiments. In thedrawings:

FIG. 1 illustrates an example network environment for embodiments ofthis disclosure;

FIG. 2 illustrates the IPv6 address format;

FIG. 3 illustrates an IPv6 address format according to embodiments ofthis disclosure;

FIG. 4 illustrates example embodiments of the present disclosure;

FIG. 5 illustrates an IPv6 address format according to embodiments ofthis disclosure;

FIG. 6 is a flow chart illustrating embodiments of this disclosure;

FIG. 7 is a flow chart illustrating embodiments of this disclosure;

FIG. 8 is a flow chart illustrating embodiments of this disclosure;

FIG. 9 is a flow chart illustrating embodiments of this disclosure;

FIG. 10 is a flow chart illustrating embodiments of this disclosure;

FIG. 11 is a flow chart illustrating embodiments of this disclosure;

FIG. 12 is a flow chart illustrating embodiments of this disclosure;

FIG. 13 is a flow chart illustrating embodiments of this disclosure; and

FIG. 14 is a block diagram of a computing network device.

DESCRIPTION OF EXAMPLE EMBODIMENTS Overview

Consistent with embodiments of the present disclosure, systems andmethods are disclosed for resolving a critical scalability issue formultiple switch device systems with VLANs spanning across multipledevices.

It is to be understood that both the foregoing general description andthe following detailed description are examples and explanatory only,and should not be considered to restrict the application's scope, asdescribed and claimed. Further, features and/or variations may beprovided in addition to those set forth herein. For example, embodimentsof the present disclosure may be directed to various featurecombinations and sub-combinations described in the detailed description.

DETAILED DESCRIPTION

The following detailed description refers to the accompanying drawings.Wherever possible, the same reference numbers are used in the drawingsand the following description to refer to the same or similar elements.While embodiments of this disclosure may be described, modifications,adaptations, and other implementations are possible. For example,substitutions, additions, or modifications may be made to the elementsillustrated in the drawings, and the methods described herein may bemodified by substituting, reordering, or adding stages to the disclosedmethods. Accordingly, the following detailed description does not limitthe disclosure. Instead, the proper scope of the disclosure is definedby the appended claims.

As the virtual machine (“VM”) concept is introduced into campus and datacenter networks, the number of hosts connected by switching systems atthe data center grows dramatically, even in the order of millions.Traditional three-tier network architectures can no longer meet therequirements of these types of networks as more and more switches androuters must be added as the number of VMs grow. Latency, complexity,and cost may increase as well.

FIG. 1 illustrates an example network environment for embodiments ofthis disclosure. Example networks may be designed with a flattenedarchitecture that consists of a multi device switching system 110. Multidevice switching system 110 may comprise a plurality of L2/L3 switchingdevices 120 a-c. Switching devices 120 a-c may each be connected to anumber of servers 130 a-f.

In some embodiments, switching devices 120 a-c may be directly linkedtogether or (full-mess or cascade architecture) or through a switchingfabric device (hub-spoke architecture) to form a virtual switch. Allthese switching devices may be controlled by a central controller.Routing protocols may run on the central controller as a single routingentity. All traffic may travel through the system as if switchingthrough a single switching device. In such a switching system, a packetforwarded across switching devices 120 a-c may go through two stages ofhardware lookup and forwarding, once at an ingress switching device andonce at an egress switching device.

IPv6 Protocol is designed to support a much greater number ofaddressable nodes and more capability of addressing hierarchy with alarger address size (128 bits). With the larger IPv6 address space,there is more flexibility for assigning network prefixes and addresses.This creates the possibility for aggregation.

FIG. 2 illustrates the IPv6 address format. The higher N bits may beused to store the subnet prefix 210. Subnet prefix 210 may be the subnetprefix assigned to the L3 interface. The remaining 128-N bits may beused to store the interface ID 220. Interface ID 220 may be used toidentify the host connected to the L3 interface.

FIG. 3 illustrates an IPv6 address format according to embodiments ofthis disclosure. The highest N bits may be used to store the subnetprefix 310. The next M bits may be allocated for a port ID 320. The portID 320 may uniquely identify a particular port associated with aswitching device on the network. The remaining 128-N-M bits may be usedto store the host ID 330. A port prefix may be formed by combining thesubnet prefix and the port ID.

Embodiments described herein may be based on the configuration that a L3virtual interface consists of multiple L2 switch ports. Furthermore,each of the multiple L2 switch ports may share the same VLAN ID. An L2switch port associated with a switching device may be connected tomultiple hosts or VMs. The port prefix may be provisioned on a port of aswitching device. The port prefix length (N+M) may be the same ordifferent on different ports depending upon the number of hostsconnected to the port.

All port prefixes associated with a VLAN interface should be summarizedby the subnet prefix on the VLAN interface. All assigned host addressesassociated with the port should be summarized by the port prefixconfigured on the switching device. In some embodiments, subnetprefixes, port prefixes, and host addresses may be assigned through aDHCP server and other network management tools.

In operating environment according to embodiments described herein, aplurality of L2 ports associated with switching devices may reside onthe same VLAN. An L3 virtual interface may be configured as describedabove. The L2 ports may be spread across multiple switching devices. Inthis setting, prior systems could not employ subnet prefix aggregationas the multiple destination switching devices may be associated with thesame subnet prefix.

Embodiments described herein may install a port prefix in FIB CAM tableson all switching devices except for the local switching device. Adestination port index may be installed as the destination index for theport prefix. These port prefix FIB entries may be used for ingresslookup. On the egress switching device, only local neighbor entries maybe installed in the FIB CAM table on the local switching device.Neighbor FIB entries may be employed for egress lookup. If both thesource and destination are on the same switching device, neighbor FIBentries may be used for FIB lookup as only one FIB lookup is required.Subnet prefixes may be installed on a local switching device, where thelocal switching device is configured to punt the entry neighbordiscovery packet to the central controller CPU for processing.

FIG. 4 illustrates example embodiments of the present disclosure. Portprefix PP1 may be configured on a port associated with a switchingdevice 450 connecting to VM 430 and VM 470. Port prefix PP1 may beinstalled in FIB CAM on switching device 410 and switching device 440.If an IPv6 packet comes from VM 420 with a destination of VM 430, it mayarrive at switching device 410. The L3 ingress lookup may hit portprefix PP1 with a destination index pointing to switch device 450.

Without L2 rewrite, the frame is forwarded to egress at switch device450. At this stage the MAC of the destination has been discovered by thesystem. A L3 egress lookup may then hit the destination CAM entry for VM430. The packet will subsequently be forwarded to VM 430. Reversetraffic may be forwarded the same way with a port prefix provisioned onswitch device 410 and installed in FIB CAM on switching device 450.

On a pure L3 interface without VLAN association, the subnet prefixconfigured on the interface with destination port index may be installedon all other associated switch devices. A packet arriving at an ingressswitch device may hit the subnet prefix. The packet may then beforwarded to the egress switch device and reach its final destination.

On an Ether-channel (LAG) interface, the subnet prefix configured on theinterface with Ether-channel destination index may be installed on allother associated switch devices. A packet arriving at an ingress switchdevice may hit the subnet prefix. The packet may then be forwarded to aswitch device depending upon an Ether-channel load balancing algorithm.The packet may then be forwarded by the egress switch device based onegress lookup.

The maximum number of hosts that may be supported by embodiments of thisdisclosure may be calculated via formula [1]

H=(F−P×V×S)×S  [1]

H represents the maximum number of hosts supported. F represents thesize of the FIB. V represents the number of VLANs per port. P representsthe number of ports per switching device. S represents the number ofswitch devices being employed. For example, with a FIB CAM size of16,000 IPv6 entries, 100 switch devices, 48 ports per switching device,1 VLAN per port, 1.1 million hosts may be supported.

In some embodiments, for increased scalability, the port prefix may beinstalled on ingress switch devices based on active traffic flows. Forexample, the port prefix would only be installed on those switch devicesthat have active traffic flow. The traffic flow may be monitored and theport prefix should be removed from the ingress switch device if trafficflow stops for a predetermined period of time. With this approach theFIB CAM size may be even smaller if hosts connected to a port device donot communicate with hosts connected to all other ports on other switchdevices.

The maximum number of hosts that may be supported by embodiments of theprevious paragraph may be calculated via formula [2]

H=(F−P×V×S×C %)×S  [2]

C % represents the percentage of active traffic flows between portsassociated with active switching devices. For example, with a FIB CAMsize of 16,000 IPv6 entries, 100 switch devices, 48 ports per switchingdevice, 2 VLANs per port, with 50% active flow, 1.1 million hosts may besupported.

Embodiments of this disclosure consider the scenarios where port levelaggregation may not meet the requirements of a campus or data centerenvironment where many VLANs may be provisioned. As the port prefixshould be provisioned on a per-port/per-VLAN basis, the number of portprefixes may grow as the number of VLANs per port grows. In theseenvironments, embodiments may allocate M bits for the device ID from theinterface ID space as illustrated in FIG. 5.

FIG. 5 illustrates an IPv6 address format according to embodiments ofthis disclosure. The highest N bits may be used to store the subnetprefix 510. The next M bits may be allocated for a device ID 520. Thedevice ID 520 may identify an individual device on the system. Theremaining 128-N-M bits may be used to store the host ID 530. A deviceprefix may be formed by combining the subnet prefix and the device ID.

The device prefix may be provisioned on a switch device, one for eachVLAN on the switch device. The device prefix is used to summarize allhosts connected to the switch device on the same VLAN. The device prefixmay be installed on the FIB CAMs associated with the other switchdevices for ingress lookup.

The approaches for use of the port prefix may be employed with thedevice prefix. However, the ingress lookup is based on the device prefixas opposed to the port prefix. The use of the device prefix also allowsfor a much higher degree of scalability for systems provisioned withmany VLANs.

The maximum number of hosts that may be supported by embodiments of thisdisclosure employing the device prefix may be calculated via formula [3]

H=(F−V×S)×S  [3]

H represents the maximum number of hosts supported. F represents thesize of the FIB. V represents the number of VLANs per device. Srepresents the number of switch devices being employed. For example,with a FIB CAM size of 16,000 IPv6 entries, 100 switch devices, 1 VLANper device, 1.6 million hosts may be supported. Similarly, with a FIBCAM size of 16,000 IPv6 entries, 100 switch devices, 50 VLANs perdevice, 1.1 million hosts may be supported.

FIG. 6 is a flow chart illustrating embodiments of this disclosure.Method 600 may begin at step 610 where a first quantity of bits in anIPv6 address may be allocated for storing a subnet prefix. Method 600may then proceed to step 620, where a second quantity of bits in theIPv6 address may be allocated for storing a port identifier.

Method 600 may then proceed to step 630. At step 630, the remaining bitsin the IPv6 address may be allocated for storing a host identifier. Insome embodiments, the IPv6 address is appended to a packet transmittedacross a Level-3 virtual interface comprised of a plurality of Layer-2switch ports. Method 600 may then proceed to step 640 where a portprefix may be computed by combining the subnet prefix and the portidentifier.

In some embodiments, two or more of the plurality of switching devicesmay share the same VLAN identification. Furthermore, at least one of theswitching devices may be connected to one or more virtual machines.Method 600 may then proceed to step 650 where the port prefix may beinstalled in FIB CAM tables on a plurality of the switching devices. Insome embodiments, all assigned host addresses associated with the portmay be summarized by the port prefix.

FIG. 7 is a flow chart illustrating embodiments of this disclosure.Method 700 may begin at step 710, where one of: a port prefix and/or adevice prefix is configured. The prefix is determined based on IPv6address information as described above in regards to FIG. 3 and FIG. 5.In some embodiments, the configuration may take place on a switchingdevice. The switching device may reside on a path between the firstvirtual machine and the second virtual machine.

Method 700 may then proceed to step 720. At step 720, the prefix may beinstalled in a FIB CAM at the ingress switching device. In someembodiments, the prefix may comprise a destination index pointing to anegress switch device. Method 700 may then proceed to step 730, where anIPv6 packet may be received from a first virtual machine addressed to asecond virtual machine.

Subsequent to the receipt of the IPv6 packet, method 700 may proceed tostep 740. At step 740, an ingress lookup may be performed. The ingresslookup may locate the designated prefix. In some embodiments, method 700may proceed to step 750, where an egress lookup may be performed as thepacket traverses to its destination. The egress lookup may locate adestination entry on the FIB CAM corresponding to the second virtualmachine. In some embodiments, the packet may be forwarded to the egressswitch device based on the results of a load balancing algorithm. Insome embodiments, method 700 may be performed on an L3 interface withoutVLAN association.

An embodiment consistent with this disclosure may comprise an apparatusfor scaling IPv6 on multiple devices. The system may comprise aprocessor coupled to a memory, wherein the processor is operative todetermine a port prefix value based on IPv6 address information. Theprocessor may be further configured to install the port prefix value inFIB CAM tables associated with a plurality of connected switchingdevices.

The processor may further be configured to use the port prefix value foringress lookup. In some embodiments, the apparatus may be a switchingdevice. The switching device may reside on the same VLAN as theplurality of connected switching devices. The processor may be furtherconfigured to punt an entry data packet to a central controller forprocessing.

Embodiments described herein disclose a distributed neighbor discoverymodule where all neighbor discovery operations and functionalities maybe distributed to a switch device processor. Each neighbor discoveryprocess on a switch device may run as an individual neighbor discoveryrouter node. There may be no coordination between neighbor discoveryprocesses occurring on different switch devices. All other traffic,including both IPv6 control traffic and data traffic destined to therouter may be processed by the central controller processor.

IPv6 neighbor discovery messages may be classified as IPv6 ICMP messageswith five reserved ICMP message types. The five reserved ICMP messagetypes include router solicitation, router advertisement, neighborsolicitation, neighbor advertisement, and redirect messages. Forembodiments of the present disclosure only IPv6 neighbor discoverypackets should be punted to the switch device processor. Other IPv6 ICMPpackets destined for the router should be punted to the centralcontroller processor.

To distinguish these messages from other ICMP messages, a Layer-3access-list may be employed in hardware. The access list contains a listof permitted reserved ICMP message types. In some embodiments, theaccess list includes message types which may be identified as“router-solicitation”, “router-advertisement”, “nd-ns” (neighborsolicitation), “nd-na” (neighbor advertisement), and “redirect”.

The access list should be programmed in hardware with a local CPU as itsdestination so that packets matching with the access list would bepunted to the local CPU. All other control traffic and data trafficshould be punted to the central control processor along with the regularFIB entries in hardware.

Running embodiments of neighbor discovery on a switching device may berelatively simple if the VLAN is local to the switching device. Problemsmay arise when the VLAN is provisioned across a plurality of switchingdevices as there may be multiple neighbor discovery router instancesexposed to a single VLAN.

However, with a global VLAN, hosts connected to different switchingdevices must be able to communicate as if they are on the same networksegment. The hosts may share the same network prefix and use neighbordiscovery protocol for router and neighbor discovery. The neighbordiscovery processes may run on a number of switching devices operatingas neighbor discovery router nodes.

FIG. 8 is a flow chart illustrating embodiments of this disclosure.method 800 may begin at step 810 where IPv6 traffic may be received by anetwork device. The IPv6 traffic may contain various type of data andmessages including ICMP messages.

Method 800 may then proceed to step 820. At step 820, the IPv6 trafficmay be directed to a switch device processor running a neighbordiscovery process if the IPv6 traffic comprises one or more neighbordiscovery messages identified in an access list.

In some embodiments, neighbor discovery messages may be identified bycomparing message type values associated with the packets in the IPv6traffic to the access list. The message type values include a pluralityof: router solicitation, router advertisement, neighbor solicitation,neighbor advertisement, and redirect messages. The access list may beprogrammed in hardware with a local CPU associated with a switchingdevice as its destination for identified messages.

Then, at step 830 the other IPv6 traffic may be sent to a centralprocessor for processing.

Embodiments of the present disclosure contemplate distributed models toachieve distributed neighbor discovery through a single address model.Some embodiments have a number of neighbor discovery processes runningon switching devices. Each of the neighbor discovery processes may usethe same router IP address and the same router MAC address. The routerMAC address may be installed in a MAC table. The router IP addresses maybe installed in FIB CAM.

Multicast neighbor discovery packets may be sent from a number of hosts.For neighbor discovery packets destined to all nodes (or all routers),the packets should be accepted and handled by the local neighbordiscovery process on the local switching device processor. The packetsmay also be flooded to other hosts through switching devices that haveports belonging to the same VLAN. The packets should not be processed byneighbor discovery processing on other switching devices.

For neighbor discovery packets destined to a solicited-node address,they should be accepted and handled by the local neighbor discoveryprocess on the local switching device processor if the destinationmatches with the local solicited-node address. Otherwise, the packetshould be flooded to other hosts on the same VLAN on other switchingdevices. These packets should not be processed by the processorsassociated with the other switching devices.

Similarly, multicast neighbor discovery packets may be sent from arouter. In some embodiments, such packets should only be sent to hostson the same VLAN connected to the local switching device.

In some embodiments, unicast neighbor discovery packets may be sent fromhost targets to the router. It may be assumed that the router MACaddress has been previously resolved by the hosts. After a unicastneighbor discovery packet is received by a switching device, an L2lookup may be performed at the switching device which should hit therouter MAC address. Hitting the router MAC address may trigger an L3lookup. The L3 lookup may hit the ACL so that the packet is punted tothe switching device's CPU. Unicast packets sent from a router to anumber of hosts are handled in a typical way.

In some embodiments, unicast neighbor discovery packets may be sent fromhost targets to a host connected to another switching device on the sameVLAN. After this type of unicast neighbor discovery packet is receivedby a switching device. The switching device may then perform in hardwarean L2 lookup that produces a miss. The packet may then be replicated andflooded to other hosts on the same VLAN using other switching devices.

FIG. 9 is a flow chart illustrating embodiments of the presentdisclosure. Method 900 may begin at step 910 where a number of neighbordiscovery processes using the same router IP address and the same routerMAC address may be implemented on a plurality of switching devices.

Next, at step 920 a multicast neighbor discovery packet may be receivedfrom a host. Then, at step 930 it may be determined if the multicastneighbor discovery packet is destined to a plurality of nodes. If so,method 900 proceeds to step 940 where the multicast neighbor discoverypacket may be handled with a local neighbor discovery process.

If not, method 900 proceeds to step 950, where it may be determined ifthe multicast neighbor discovery packet is destined to a solicited nodeaddress and the multicast discovery packet destination matches the localsolicited node address. If so, method 900 proceeds to step 960. At step960, the multicast neighbor discovery packet may be handled with a localneighbor discovery process.

In some embodiments, method 900 may proceed to step 970. At step 970,the multicast neighbor discovery packet may be flooded to other hosts onthe same VLAN associated with the other switching devices.

FIG. 10 is a flow chart illustrating embodiments of the disclosure.Method 1000 may begin at step 1010 when a unicast neighbor discoverypacket may be received. Method 1000 may then proceed to step 1020. Atstep 1020, an L2 lookup may be performed for the router MAC address.

If the router MAC address is hit, method 1000 may proceed to step 1030and perform an L3 lookup for a neighbor discovery access list. Upon ahit on the access list, method 1000 may proceed to step 1040 and puntthe unicast neighbor discovery packet to a local CPU.

In some embodiments step 1010 may comprises receiving a unicast neighbordiscovery packet from a host target to a host connected to a secondswitching device on the same VLAN. In that case, the L2 lookup at step1020 may produce a miss. Upon the miss, the unicast neighbor discoverypacket may be replicated and flooded to other hosts on the same VLAN.

Embodiments of the present disclosure contemplate distributed models toachieve distributed neighbor discovery through a multiple address model.In the multiple address model, each neighbor discovery process runningon a switching device may have a unique router IP address and a uniquerouter MAC address.

Typically, more than one neighbor discovery process can advertise arouter address to the same VLAN as if multiple routers existed on thatVLAN. Hosts and virtual machines connected to the VLAN may select arouter from its router list. Embodiments of the disclosure propose tosuppress Router Advertisement messages from the neighbor discoveryrouter on the switching devices. The default router may be configured onhosts (or VMs) with a management tool, such as DHCP. This may guaranteethat a host (or VM) always communicates with the same switching device.This switching device would normally be the switching device the host(or VM) is directly connected to. Such a solution requires minimalimplementation effort to configure existing systems.

When multicast neighbor discovery packets are sent from hosts, routeradvertisement packets sent from host will be dropped. NeighborSolicitation packets sent from the host should be punted to theswitching device CPU if the destination address matches with the localsolicited-node multicast address. There may exist some embodiments wherethe packet may not come from a directly connected host. This scenariomay exist for example, in instances of VMotion or systemmisconfiguration. As such, the switching device should allow forneighbor solicitation packets from hosts which are not directlyconnected.

In some embodiments, multicast neighbor discovery packets may be sentfrom a router. Again, router advertisement messages should besuppressed. Neighbor solicitation messages may be flooded to VLAN asusual. If the VLAN crosses multiple switching devices, the neighborsolicitation messages should be flooded to all switching devices thatcontain members of the VLAN.

In some embodiments, unicast neighbor discovery packets may be sent fromhost targets to the router. These packets may have the router MAC as thedestination MAC. These unicast neighbor discovery packets should bepunted to the neighbor discovery processes running on the local switchdevice as usual. Similar to above, the switching device should allow forneighbor solicitation packets from hosts which are not directlyconnected. Unicast packets sent from a router to a number of hosts arehandled in a typical way.

In some embodiments, unicast neighbor discovery packets may be sent fromhost targets to a host connected to another switching device on the sameVLAN. After this type of unicast neighbor discovery packet is receivedby a switching device. The switching device may then perform in hardwarean L2 lookup that produces a miss. The packet may then be replicated andflooded to other hosts on the same VLAN using other switching devices.

FIG. 11 is a flow chart illustrating embodiments of this disclosure.Method 1100 may start at step 1110 where multicast neighbor discoverypackets may be received. After receipt, method 1100 may proceed to step1120. At step 1120, the message type of the multicast neighbor discoverypackets may be determined by reference to an access list.

After determining the message type, method 1100 may proceed to step 1130where multicast neighbor discovery packets identified as routeradvertisement packets may be dropped. Method 1100 may then proceed tostep 1140 where multicast neighbor discovery packets identified asneighbor solicitation packets to a local CPU are punted if thedestination address matches the local solicited-node multicast address.

FIG. 12 is a flow chart illustrating embodiments of this disclosure.Method 1200 may start at step 1210 where a unicast neighbor discoverypacket with a router MAC as the destination MAC may be received. Uponreceipt of the unicast neighbor discovery packet, method 1200 mayproceed to step 1220 where the unicast neighbor discovery packet may bepunted to the local CPU running a neighbor discovery process.

Method 1200 may then proceed to step 1230. At step 1230, a unicastneighbor discovery packet may be received from a host target directed toa second host associated with a switching device on the same VLAN.Method 1200 will then proceed to step 1240 where a lookup may beperformed that produces a miss.

When the lookup results in a miss, method 1200 may proceed to step 1250.At step 1250, the unicast neighbor discovery packet may be replicatedand flooded to other hosts on the same VLAN.

In embodiments described herein, the switching device processor shouldnot process any packets other than neighbor discovery packets. All otherpackets should be handled by the central controlling processor asdescribed in regards to FIG. 13. FIG. 13 illustrates other packethandling according to embodiments described herein. Method 1300 maybegin at step 1310 where all incoming unicast and multicast packetsdestined to the router are punted to the central controller processor.

Method 1300 may proceed to step 1320. At step 1320, all outgoingmulticast packets may be flooded to the VLAN broadcast domain. Method1300 may then proceed to step 1330. At step 1330, the outgoing unicastpackets from the central controller processor need to resolve thedestination MAC address. By searching in the device/port prefix table,the switch device processor may be found through which the destinationmay be reached.

The method may proceed to step 1340, where a send request for the MACaddress to the switch device processor through an internal IPC channel.When the MAC address is learned from the reply message, it may be storedin a Neighbor Cache on the central controller processor. The MAC addressmay be used for sending the current and future unicast packets to thatdestination.

FIG. 14 illustrates a network device, such as computing device 1400.Computing device 1400 may include processing unit 1425 and memory 1455.Memory 1455 may include software configured to execute applicationmodules such as an operating system 1410. Computing device 1400 mayexecute, for example, one or more stages included in the methods asdescribed above. Moreover, any one or more of the stages included in theabove describe methods may be performed on any element shown in FIG. 14.

Computing device 1400 may be implemented using a personal computer, anetwork computer, a mainframe, a computing appliance, or other similarmicrocomputer-based workstation. The processor may comprise any computeroperating environment, such as hand-held devices, multiprocessorsystems, microprocessor-based or programmable sender electronic devices,minicomputers, mainframe computers, and the like. The processor may alsobe practiced in distributed computing environments where tasks areperformed by remote processing devices. Furthermore, the processor maycomprise a mobile terminal, such as a smart phone, a cellular telephone,a cellular telephone utilizing wireless application protocol (WAP),personal digital assistant (PDA), intelligent pager, portable computer,a hand held computer, a conventional telephone, a wireless fidelity(Wi-Fi) access point, or a facsimile machine. The aforementioned systemsand devices are examples and the processor may comprise other systems ordevices.

Embodiments of the present disclosure, for example, are described abovewith reference to block diagrams and/or operational illustrations ofmethods, systems, and computer program products according to embodimentsof this disclosure. The functions/acts noted in the blocks may occur outof the order as shown in any flowchart. For example, two blocks shown insuccession may in fact be executed substantially concurrently or theblocks may sometimes be executed in the reverse order, depending uponthe functionality/acts involved.

While certain embodiments of the disclosure have been described, otherembodiments may exist. Furthermore, although embodiments of the presentdisclosure have been described as being associated with data stored inmemory and other storage mediums, data can also be stored on or readfrom other types of computer-readable media, such as secondary storagedevices, like hard disks, floppy disks, or a CD-ROM, a carrier wave fromthe Internet, or other forms of RAM or ROM. Further, the disclosedmethods' stages may be modified in any manner, including by reorderingstages and/or inserting or deleting stages, without departing from thedisclosure.

All rights including copyrights in the code included herein are vestedin and are the property of the Applicant. The Applicant retains andreserves all rights in the code included herein, and grants permissionto reproduce the material only in connection with reproduction of thegranted patent and for no other purpose.

While the specification includes examples, the disclosure's scope isindicated by the following claims. Furthermore, while the specificationhas been described in language specific to structural features and/ormethodological acts, the claims are not limited to the features or actsdescribed above. Rather, the specific features and acts described aboveare disclosed as examples for embodiments of the disclosure.

What is claimed is:
 1. An apparatus comprising: a memory; and aprocessor coupled to the memory, wherein the processor is operative to:perform a number of neighbor discovery processes using the same routerIP address and the same router MAC address; receive a multicast neighbordiscovery packet from a host; if the multicast neighbor discovery packetis destined to a plurality of nodes, handle the multicast neighbordiscovery packet with a local neighbor discovery process; and if themulticast neighbor discovery packet is destined to a solicited nodeaddress and the multicast discovery packet destination matches the localsolicited node address, handle the multicast neighbor discovery packetwith a local neighbor discovery process.
 2. The apparatus of claim 1,wherein the memory further comprises: a MAC table for storage of therouter MAC address; and a FIB CAM for storage of the router IP address.3. The apparatus of claim 2, wherein the processor is further configuredto flood the multicast neighbor discovery packet to other hosts on thesame VLAN connected to the apparatus after the neighbor discoveryprocess.
 4. The apparatus of claim 1, wherein the processor is furtherconfigured to: receive a unicast neighbor discovery packet; perform anL2 lookup for the router MAC address; if the router MAC address is hit,perform an L3 lookup for an neighbor discovery access list; and punt theunicast neighbor discovery packet to a local CPU.
 5. The apparatus ofclaim 4, wherein the apparatus is a switching device with a plurality ofports.
 6. The apparatus of claim 1, wherein the processor is furtherconfigured to: receive a unicast neighbor discovery packet from a hosttarget directed to a second switching device on the same VLAN as theapparatus; perform an L2 lookup that produces a miss; replicate theunicast neighbor discovery packet; and flood the replicated packets toother hosts on the same VLAN.
 7. The apparatus of claim 5, wherein theneighbor discovery access list comprises a list of acceptable neighbordiscovery message types.
 8. A method comprising: performing a number ofneighbor discovery processes using the same router IP address and thesame router MAC address; receiving multicast neighbor discovery packetsfrom a host; when a first one of the multicast neighbor discoverypackets is destined to a plurality of nodes, handling the multicastneighbor discovery packet with a local neighbor discovery process; andwhen a second one of the multicast neighbor discovery packets isdestined to a solicited node address and the multicast discovery packetdestination matches the local solicited node address, handling themulticast neighbor discovery packet with a local neighbor discoveryprocess.
 9. The method of claim 8, wherein the memory further comprises:a MAC table for storage of the router MAC address; and a FIB CAM forstorage of the router IP address.
 10. The method of claim 9, furthercomprising flooding the multicast neighbor discovery packet to otherhosts on the same VLAN connected to the apparatus after the neighbordiscovery process.
 11. The method of claim 8, further comprising:receiving a unicast neighbor discovery packet; performing an L2 lookupfor the router MAC address; when the router MAC address is hit,performing an L3 lookup for an neighbor discovery access list; andpunting the unicast neighbor discovery packet to a local CPU.
 12. Themethod of claim 11, wherein the apparatus is a switching device with aplurality of ports.
 13. The method of claim 8, further comprising:receiving a unicast neighbor discovery packet from a host targetdirected to a second switching device on the same VLAN as the apparatus;performing an L2 lookup that produces a miss; replicating the unicastneighbor discovery packet; and flooding the replicated packets to otherhosts on the same VLAN.
 14. The method of claim 12, wherein the neighbordiscovery access list comprises a list of acceptable neighbor discoverymessage types.
 15. A computer-readable medium that stores a set ofinstructions which when executed perform a method comprising: performinga number of neighbor discovery processes using the same router IPaddress and the same router MAC address; receiving multicast neighbordiscovery packets from a host; when a first one of the multicastneighbor discovery packets is destined to a plurality of nodes, handlingthe multicast neighbor discovery packet with a local neighbor discoveryprocess; and when a second one of the multicast neighbor discoverypackets is destined to a solicited node address and the multicastdiscovery packet destination matches the local solicited node address,handling the multicast neighbor discovery packet with a local neighbordiscovery process.
 16. The computer-readable medium of claim 15, whereinthe memory further comprises: a MAC table for storage of the router MACaddress; and a FIB CAM for storage of the router IP address.
 17. Thecomputer-readable medium of claim 16, further comprising flooding themulticast neighbor discovery packet to other hosts on the same VLANconnected to the apparatus after the neighbor discovery process.
 18. Thecomputer-readable medium of claim 15, further comprising: receiving aunicast neighbor discovery packet; performing an L2 lookup for therouter MAC address; when the router MAC address is hit, performing an L3lookup for an neighbor discovery access list; and punting the unicastneighbor discovery packet to a local CPU.
 19. The computer-readablemedium of claim 18, wherein the apparatus is a switching device with aplurality of ports.
 20. The computer-readable medium of claim 15,further comprising: receiving a unicast neighbor discovery packet from ahost target directed to a second switching device on the same VLAN asthe apparatus; performing an L2 lookup that produces a miss; replicatingthe unicast neighbor discovery packet; and flooding the replicatedpackets to other hosts on the same VLAN.